Ursnif Variant Adds Redirection to Attack Aussie Targets

Discussion in '0-day Release' started by silversurfer, Dec 5, 2017.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    A fresh version of the Ursnif banking trojan is being tested in the wild, using newly incorporated redirection attacks.

    IBM X-Force research detected the variation—the third major overhaul for the Gozi-based malware since its launch a decade ago—starting with very minor testing over the summer; now, larger yet still limited campaigns have started. What’s notable is that its authors have made modifications on the code-injection level and to attack tactics.

    As to the latter, the malware’s operators have opted to begin using redirection attacks to target business and corporate banking customers in Australia. Target lists from November showed that the malware’s operators dedicated a general configuration to small banks and credit unions in Australia and added a few other, bank-specific configurations dedicated to launching redirection attacks against business and corporate banking customers.

    Source: https://www.infosecurity-magazine.com/news/ursnif-variant-adds-redirection/
    RGiskardR likes this.
  2. Google Adsense

Share This Page